New Projects

1
New Projects
2
Viewing RA Packets with WireShark
3
Gogo6 Tunnel with Router Advertisements
Freenet6 Tunnel Broker
gogoCLIENT
IPv6 RA Packet
4
SLAAC (Stateless Address Autoconfiguration)
gogoCLIENT
IPv6 RA Packet

• RA packet specifies first 64 bits of address
  gateway address
• Host generates the last 64 bits

5
Router Advertisement (RA)
6
Ubuntu Linux 10.10 SLAACWorks Properly
7
BackTrack 4 R2 Linux RequiresManual Configuration
8
Scanning a LAN
9
IPv4-to-IPv6 Reverse Proxy
IPv4-only Web server
IPv6-to- IPv4 Reverse Proxy
IPv6 Clients
Legacy IPv4 Clients
10
haproxy

• Linux proxy and load-balancer
• This configuration listens on IPv6 for clients
  and proxies to IPv4

11
Proxy Listening on IPv6

• Port 80 for HTTP
• Port 442 for HTTPS

12
Proxy in Action

• Put the IPv6 address in the browser
• Press Enter
• CCSF Webpageopens

13
Not an IPv4 Connection
14
Ch 4 IPv6 Advanced Topics
15
Topics

• Multihoming
• Multicast
• QoS
• Mobile IPv6
• Jumbograms
• DHCP
• Prefix renumbering

16
4.1 Multihoming

• Multiple addresses on the same node
• Advantages
• Multiple paths to the Internet for
  fault-tolerance or load-balancing
• QoS differentiation
• Security policy enforcement
• Costs
• Either the Internet backbone needs multiple
  routes to the host, or
• The node must sort out the traffic

17
Provider-Independent Addresses

• IP addresses dont change when you change ISPs
• Easiest for end users to manage
• Fragments and increases the Internet backbone
  routing tables
• ARIN will give qualifying companies a /48,
  provider-independent

18

• Link Ch4a

19
Live BGP Updates

• Link Ch 4b

20

• IPv6 BGP table has 2000 routes at present, but it
  is growing
• Link Ch 4c

21
Site Multihoming by IPv6 Intermediation (SHIM6)
Specification

• A way to limit IPv6 BGP table growth
• Splits layer 3 into sublayers

22
4.2 IPv6 Multicast

• IPv4 Broadcast packets are read by every node
  that receives them
• Multicast packets are only read by nodes that
  have subscribed to that multicast group

23
Multicast Advantages

• Sender only needs to create one packet for many
  receivers
• Less bandwidth consumption
• Sender doesnt need to know or remember how many
  listeners there are
• Typical uses streaming audio or video, router
  updates, Ghosting hard drives

24
ARP Broadcast in IPv4
Where is the gateway?
25
Neighbor Discovery in IPv6

• Takes the low-order 24 bits of this address
  (C7113A)
• Appends them to the well-known solicited node
  multicast prefix, FF0200001FF00/104
• Sends Neighbor Solicitation message to that
  solicited node multicast address
  FF021FFC7113A

What other address does FE804DF254C8B8C7113A
have?
26
Well-Known Multicast Addresses

• Link-local scope
• FF021 All Nodes
• FF022 All Routers
• FF0212 All DHCP Agents

27
Multicast Listener Discovery (MLD)

• A Protocol used by interfaces to join and leave
  multicast groups
• Routers keep track of these groups for each
  interface on which they forward packets
• Uses Multicast Listener Query and
• Multicast Listener Report packets

28
Multicast Address format

• Always starts with FF
• Flags are 0 for well-known addresses

29
Scope Bits
30
Demonstration

• Using IPCONFIG to find the Interface ID in
  Windows 7 (12)
• IPv6 address ends in b225

31
Demonstration

• Sniff on the correct adapter in Wireshark
• IPv6 address ends in b225

32
Ping Local Interface ff011
33
Ping Link-Local Interface ff021
34
4.3 IPv6 Quality of Service (QoS)

• QoS includes several techniques to adjust
  performance for different types of traffic
• Streaming media need low latency but can tolerate
  some packet loss
• File transfer can tolerate latency but not packet
  loss

35
IPv6 Advantages for QoS(not fully implemented
yet)

• End-to-end addressing no need for NAT
• Simpler header
• Larger packet sizes
• No in-route fragmentation
• No broadcast more efficient multicast
• A new Flow Label field and larger Traffic Class
  field in the main IPv6 header

36
4.4 Mobile IPv6 (MIPv6)
37
MIPv6 Tems

• Mobile Node (MN). A node using MIPv6 to change
  its point of network attachment
• Home Address (HoA). The permanent, routable
  unicast address of the MN
• Home Link. The link on which the MNs HoA is
  defined
• Foreign Link. Any link except the home link
• Care-Of Address (CoA). A routable unicast address
  used by the MN on a foreign link
• Correspondent Node (CN). A peer with which the MN
  is communicating

38
More MIPv6 Terms

• Home Agent (HA). A router on the MNs Home Link
  with which the MN registers its CoA and which
  forwards traffic to and from the MN at its CoA
• Route optimization. Direct communications between
  a MN and CN without involving a HA

39
4.5 Jumbograms

• With an Extension Header, packets larger than
  65,536 bytes are allowed
• Up to 4 GB
• But they will only become practical when networks
  handle packet sizes that big (not yet)

40
4.6 Address Selection

• IPv6 interfaces have many addresses, so it is not
  obvious how to select from the available source
  addresses (or even destination addresses) when
  sending a packet
• The selection process is common-sense use the
  smallest scope, avoid deprecated addresses, etc.

41
4.7 Dynamic Host Configuration Protocol (DHCP)
for IPv6

• SLAAC doesnt deliver DNS server info
• DHCP is Stateful, and requires a server
• Three primary configuration options are available
  for IPv6 interfaces
• 1. Use autoconfiguration and not DHCPv6.
• 2. Use DHCPv6 and not autoconfiguration.
• 3. Get an address with autoconfiguration and then
  use DHCPv6 to retrieve additional information.

42
4.8 IPv6 Prefix Renumbering

• When you change ISPs, you need to update
• Manually assigned addresses for interfaces on
  routers
• Routing information and link prefixes advertised
  by routers
• Addresses on routers, firewalls, and packet
  filters used for access control or ingress
  filtering
• Addresses assigned to interfaces with stateless
  address autoconfiguration
• Addresses and other information provided by
  DHCPv6
• DNS records (primarily AAAA and PTR records, as
  well as DNSSEC)
• All other instances of addresses in applications,
  command sequences, configuration files, and
  elsewhere.